Microsoft TLS connection incorrectly marked insecure

gjedeer / paranoia

Paranoia add-on for Thunderbird. See who is reading your emails.

GNU General Public License v2.0

34 stars 9 forks source link

Microsoft TLS connection incorrectly marked insecure #28

Closed wienfuchs closed 4 years ago

wienfuchs commented 4 years ago

anonymised header from relevant mail:

Received: from mail2.markeXXX (mail2.markeXXX [N.N.N.N]) by MYHOST (Postfix) with ESMTPS id 0A0E... for ; Received: from vmarkeXXX2 (192.168.31.161) by vMarketMail02.marketXXX (192.168.31.151) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1713.5;

AFAIS this should not be marked as "insecure"

paranoia-screen

gjedeer commented 4 years ago

Hey, thanks for reporting, would you mind installing this version to see if it helps?

https://f.gdr.name/paranoia-issue-28.xpi

3c7217b875a578731ee65ff453cef45b6e6c2086d5e21cae8ac921008fc04ba3  ../paranoia.xpi

wienfuchs commented 4 years ago

Looks great, fixed this (uninstalling original xpi / reinstalling needed, but did it then)

wienfuchs commented 4 years ago

One more - ipv6 localhost probably should not require encrypted connection too;)

Received: from ip6-localhost ([::1] helo=pmamail.phpmyadmin.net) by mail.phpmyadmin.net with esmtp (Exim 4.89) (envelope-from news-bounces@phpmyadmin) id 1ioXRk-XXXX; Mon, 06 Jan 2020 19:49:51 +0100

gjedeer commented 4 years ago

Added, if you could download a copy at the same link and test IPv6 that would be great. Thanks!

https://f.gdr.name/paranoia-issue-28.xpi

0ab8b9d147ca6b513aad7613a97485070a9d3738250875ae61fb0c2a15303609  ../paranoia.xpi

wienfuchs commented 4 years ago

Looks very good also for this now:

grafik

gjedeer commented 4 years ago

Thanks for testing! I've submitted these changes as version 0.3.2.